/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package ru.miit.elearning.servlets;

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.hibernate.Session;
import org.hibernate.exception.ConstraintViolationException;
import ru.miit.elearning.hibernate.dao.ConfigurationDAO;
import ru.miit.elearning.hibernate.dao.HibernateUtil;
import ru.miit.elearning.hibernate.dao.UserDAO;
import ru.miit.elearning.hibernate.dao.WebLabUtil;

/**
 *
 * @author Cyclone
 */
public class EditUserServlet extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        String message = null;

        Session session = null;

        int userId = -1;
        boolean isMyProfile = false;
        try {
            userId = Integer.parseInt(request.getParameter("id"));

            session = HibernateUtil.getSessionFactory().getCurrentSession();
            session.beginTransaction();

            UserDAO userDAO = new UserDAO(session);

            int currentUserId = userDAO.findUserIdByLogin(request.getRemoteUser());
            if (currentUserId == userId) {
                isMyProfile = true;
            }
            if (request.isUserInRole("admin") || isMyProfile) {

                String act = request.getParameter("act");
                if (act != null) {
                    if (act.equals("changePass")) {
                        String oldPass = request.getParameter("oldPass");
                        String newPass = request.getParameter("newPass");
                        boolean changed = userDAO.changePassword(userId, oldPass, newPass);
                        if (!changed) {
                            throw new Exception("Password not changed");
                        }
                    } else {
                        ConfigurationDAO configurationDAO = new ConfigurationDAO(session);
                        if (act.equals("delProp")) {
                            int propertyId = Integer.parseInt(request.getParameter("propId"));
                            configurationDAO.deleteUserProperty(userId, propertyId);
                        } else {
                            if (act.equals("addProp")) {
                                int propertyId = Integer.parseInt(request.getParameter("propId"));
                                configurationDAO.setUserProperty(userId, propertyId, null);
                            } else {
                                if (act.equals("editProp")) {
                                    int propertyId = Integer.parseInt(request.getParameter("propId"));
                                    String propertyValue = request.getParameter("propValue");
                                    configurationDAO.setUserProperty(userId, propertyId, propertyValue);
                                }
                            }
                        }
                    }
                    act = null;
                } else {

                    String name = request.getParameter("name");
                    String login = request.getParameter("email");

                    userDAO.updateUser(userId, name, login);
                }

                message = "Профиль отредактирован";
            } else {
                message = "У Вас нет прав на редактирования профиля пользователя";
            }

            if (session != null && session.isOpen()) {
                session.getTransaction().commit();
            }

            getServletContext().setAttribute("message", message);
            if (userId != -1) {
                response.sendRedirect("Profile?id=" + userId);
            } else {
                response.sendRedirect("Users");
            }

        } catch (ConstraintViolationException e) {
            if (session != null && session.isOpen()) {
                session.getTransaction().rollback();
            }
            Logger.getLogger(EditUserServlet.class.getName()).log(Level.SEVERE, null, e);
            e.printStackTrace();

            message = "<p>Ошибка редактирования профиля пользователя. Вероятно, выбранный e-mail уже занят";
            message += WebLabUtil.prepareExceptionRef(request.getSession(), e);
            message += "</p>";

            getServletContext().setAttribute("message", message);

            if (request.getParameter("ajax") != null && request.getParameter("ajax").equals("true")) {
                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            } else {
                if (userId != -1) {
                    response.sendRedirect("Profile?id=" + userId);
                } else {
                    response.sendRedirect("Users");
                }
            }
        } catch (Exception e) {
            if (session != null && session.isOpen()) {
                session.getTransaction().rollback();
            }
            Logger.getLogger(EditUserServlet.class.getName()).log(Level.SEVERE, null, e);
            e.printStackTrace();

            message = "<p>Ошибка редактирования профиля пользователя";
            message += WebLabUtil.prepareExceptionRef(request.getSession(), e);
            message += "</p>";
            getServletContext().setAttribute("message", message);

            if (request.getParameter("ajax") != null && request.getParameter("ajax").equals("true")) {
                response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            } else {
                if (userId != -1) {
                    response.sendRedirect("Profile?id=" + userId);
                } else {
                    response.sendRedirect("Users");
                }
            }
        } finally {
            if (session != null && session.isOpen()) {
                session.close();
            }
        }
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
